fxa/allowlist в f6e347b547bd87534bf38a9e799ebd3a20969ab9 - fxa

dschom df7897920d task(gql-api): Allowlist graphql queries Because: - We want to lock down our gql queries as part of good security practices. This Commit: - Creates task that extracts existing gql queries from our code - Applies middleware that checks a allowlist of extracted queries. - Creates a 403 if the query is not in the allowlist - Makes all gql parsable by extraction utility. The extraction utility doesn't support string placeholders. e.g. gql` Account { ${ACCOUNT_FIELDS} }` - Moves all the gql in the admin server into .ts files. Again for consistency and extraction utility support. - Cleans up some config references at startup - Adds nx config for extraction & copy tasks	2023-07-18 05:54:28 -07:00
..
gql-playground.json	task(gql-api): Allowlist graphql queries	2023-07-18 05:54:28 -07:00

task(gql-api): Allowlist graphql queries

Because:
- We want to lock down our gql queries as part of good security practices.

This Commit:
- Creates task that extracts existing gql queries from our code
- Applies middleware that checks a allowlist of extracted queries.
- Creates a 403 if the query is not in the allowlist
- Makes all gql parsable by extraction utility. The extraction utility doesn't support string placeholders. e.g. gql` Account { ${ACCOUNT_FIELDS} }`
- Moves all the gql in the admin server into .ts files. Again for consistency and extraction utility support.
- Cleans up some config references at startup
- Adds nx config for extraction & copy tasks

2023-07-18 05:54:28 -07:00

gql-playground.json

task(gql-api): Allowlist graphql queries

2023-07-18 05:54:28 -07:00